1Name: tlslite
2URL: http://trevp.net/tlslite/
3Version: 0.3.8
4Security Critical: No
5License: Public domain
6
7Local Modifications:
8
9- patches/close_notify.patch: tlslite/TLSRecordLayer.py was changed to force
10  the socket to be closed when the SSL connection is closed. This is is
11  necessary at this point since WinHTTP does not seem to react to the SSL
12  close notify. It's also needed to prevent a hang on Linux.  See also 
13  http://sourceforge.net/mailarchive/forum.php?thread_name=41C9B18B.2010201%40ag.com&forum_name=tlslite-users
14- patches/python26.patch: Replace sha, md5 module imports with hashlib, as
15  they are deprecated in Python 2.6
16- patches/ca_request.patch: tlslite/X509.py was changed to obtain the
17  DER-encoded distinguished name for a certificate, without requiring any
18  addition libraries.
19  tlslite/utils/ASN1Parser.py was changed to allow obtaining the unparsed
20  data for an element in a SEQUENCE, in addition to providing the parsed
21  value (tag and length removed)
22  tlslite/messages.py was changed from accepting/returning a single byte
23  array in the CertificateRequest message for the CA names to accept a list
24  of byte arrays, each containing a DER-encoded distinguished name.
25  tlslite/TLSConnection.py was changed to take a list of such byte arrays
26  when creating a TLS server that will request client authentication.
27- patches/send_certificate_types.patch: tlslite/message.py was changed to
28  default to a certificate_types of [rsa_sign] in CertificateRequest. Apple's
29  Secure Transport library rejects an empty list and raises an SSL protocol
30  error.
31- patches/parse_chain.patch: tlslite/X509CertChain.py and tlslite/X509.py were
32  updated to add a parseChain method, that can parse multiple certificates from
33  a PEM string.
34- patches/tls_intolerant.patch: allow TLSLite to simulate a TLS-intolerant server.
35- patches/channel_id.patch: add basic ChannelID support. (Signatures are not
36  checked.)
37- patches/signed_certificate_timestamps.patch: add support for sending Signed
38  Certificate Timestamps over a TLS extension.
39- patches/fallback_scsv.patch: add support for TLS_FALLBACK_SCSV. See
40  https://tools.ietf.org/html/draft-bmoeller-tls-downgrade-scsv-01
41- patches/status_request.patch: add support for sending stapled OCSP responses.
42